Self-service configuration for BMC Helix SSO Tenant administrator
To configure self service in the Tenant
- As a SaaS administrator, log in to the BMC Helix SSO Admin Console.
- On the navigation panel, click Tenant.
- In the Self service configuration field, select the IdPs that need to be available for the all tenant`s realms from the following json string example:
{"allowedIdPs":["LOCAL","SAML","LDAP","OIDC","PREAUTH"],"bypassTemplate":{"host":"localhost","port":0}}
The Self service configuration field contains bypassTemplate configuration which is used to configure bypass for all realms allowed for a self service. Here, you can change values for the host and port, otherwise the default configurations will be applied. In case when a new tenant is created via HSSO Admin Console, a bypass template configuration and LOCAL, SAML, LDAP, OIDC, PREAUTH allowed IdPs are available. The self service configuration is optional. If no configuration provided than all IdPs will be allowed for configuration.
To configure self service in the Realm
After the configurations in the Tenant are done, navigate to the appropriate Realm to configure a self services for.
- From the list of the Realms, select the necessary one.
- Click Edit Realm.
- Select the Self service checkbox.
- Save your changes.
The three tabs become available for a Tenant Administrator in addition to existed Local User management:
- Realm - make changes for branding, update Authentication settings (with no access to information about bypass)
- Session - get information about existed sessions, manage them (delete)
- Audit - to get data about admin and end-user audited actions
